Author: Admin

The Panasonic Corporation has disclosed a data security incident in which an undisclosed amount of data was compromised. In a statement issued Friday, the major Japanese multinational conglomerate announced that an unauthorized third party had gained access to its network on November 11.  An internal investigation was launched that determined that the intruder had accessed some data stored on a file server. Panasonic did not say how much data was compromised in the incident or whether any sensitive information…

Threat Summary This month it was disclosed that a Microsoft vulnerability that allows for local privilege elevation, previously patched in the November 2021 Patch Tuesday, is still exploitable and was not patched correctly. Using this vulnerability, threat actors with limited access to a compromised device can easily elevate their privileges to help spread laterally within the network. Figure 1. MITRE ATT&CK Matrix for Windows Zero-Day in MVISION Insights The vulnerability affects all supported versions of…

The United States’ Cybersecurity and Infrastructure Security Agency (CISA) is exploring a protective email service (PES) that can be used to make Federal Civilian Executive Branch (FCEB) email safer.  In October 2017, the Department of Homeland Security took action against the spoofing of domains and organizations by mandating DMARC or domain-based message authentication, reporting and conformance standards by all federal agencies in its Binding Operational Directive 18-01.  Now, CISA is asking the cybersecurity industry for feedback…

Private equity firm Clearlake Capital Group LP has agreed to acquire Californian tech company Quest Software from its current owner, Francisco Partners.  The terms of the planned transaction have not been disclosed. However, Quest has been valued at $5.4bn, including debt, according to unnamed sources quoted by The Wall Street Journal. A statement announcing the acquisition was released earlier today. It revealed that current CEO of Quest, Patrick Nichols, will remain at the helm after the acquisition has been completed to lead the existing executive…

Many organizations lack an effective patch management program, especially when it comes to patching remote systems, says Action1. Image: iStock/ cyano66 Patch management is one of the trickiest but most essential tasks you can take to protect your software, systems and other assets. Cybercriminals know that organizations often fail to properly or quickly patch known vulnerabilities, leaving this a key vector for attack. Patching security holes has become even more difficult with the advent of…